Page 635 - StudyBook.pdf
P. 635
Operational and Organizational Security: Incident Response • Chapter 11 619
Tailgating
Even with the most stringent physical security in place, there are ways of bypassing
these methods and gaining access. One of the simplest methods is tailgating, or pig-
gybacking, in which an unauthorized person follows an authorized person into a
secure area. Regardless of whether a person has to use a key, PIN number, card key,
biometrics, or other methods to open a door and enter, all a second person needs
to do is follow him or her through the door. Even if the first person notices the
security breach, they may feel uncomfortable challenging the person whose tail-
gating, and not bother asking the person to provide identification, get out, or go
back and use their own key or access to enter.
Intruders piggybacking on another person’s access can be a real security chal-
lenge, because any existing security measures are rendered useless even though
they’re functioning properly. It is especially common if the authorized person
knows the tailgater, such as when management, a coworker, or others who are visu-
ally recognized are piggybacking. It’s common to see one person use a key card to
enter a building and several others follow their way in. However, even in these
cases, you cannot be a hundred percent sure that one of them has been dismissed
from the company, under a disciplinary action (such as suspension), or is a con-
tractor whose contract has ended. Even if the person legitimately works for the
company, allowing them to piggyback their way into a server room could result in
equipment being knocked over, sensitive documents (such as administrator pass-
words) being seen, or other problems.
As we’ll see in the section on social engineering, human nature can cause sig-
nificant problems for any security measures you put in place, and there is no easy
way of dealing with it. Policies can be implemented that prohibit allowing anyone
to enter an area unless they have used their own security access method (i.e. key,
access card, PIN number, and so forth), with procedures on what to do if someone
does sneak in behind a person (such as challenging the person to produce ID, noti-
fying security personnel, and so forth). However, most employees are neither
trained nor willing to confront or physically remove a person from the premises, so
often the policy may be ignored for personal safety reasons or because it is emo-
tionally uncomfortable.After all, no one wants to ask their boss to get out of the
building or room because they snuck in the door.
This makes education one of the best methods of combating the problem.
Employees should be educated that tailgating is a security issue, that policies exist
that make a person responsible for those permitted access, and that allowing an
unauthorized person access could result in disciplinary actions (including termina-
www.syngress.com
